コード例 #1
ファイル: keys.py プロジェクト: timyardley/ARMORE
def getKeys(sort="name", order="asc"):
    """Return the remote and local key files as one sorted list of dicts.

    Each entry holds the file ``name``, its ``type`` ("remote" or "local")
    and an ``mtime`` string produced by comLib.timestampToPrettyDate.
    Remote entries are collected before local ones, and the combined list
    is handed to comLib.sortOrder together with *sort* and *order*.

    An os.stat failure (for example a key removed between the listing and
    the stat call) is not handled here and propagates to the caller.
    """
    remoteDir = comLib.getSupportFilePath("RemoteKeys")
    localDir = comLib.getSupportFilePath("LocalKeys")

    # Both listings are taken up front, before any file is stat'ed.
    listings = (
        ("remote", remoteDir, getKeyFileNames(remoteDir)),
        ("local", localDir, getKeyFileNames(localDir)),
    )

    # Index 8 of the stat result is the modification time in whole seconds.
    entries = [
        {
            "name": keyName,
            "type": kind,
            "mtime": comLib.timestampToPrettyDate(
                os.stat("{}/{}".format(directory, keyName))[8]),
        }
        for kind, directory, names in listings
        for keyName in names
    ]

    return comLib.sortOrder(entries, sort, order)
コード例 #2
ファイル: initialization.py プロジェクト: timyardley/ARMORE
def createRrdSymLink():
    """Create the RrdServ symlink if nothing exists at that path yet.

    The link target is ``<RrdLib>/<hostname>/``.  Any exception is caught
    and reported on stdout; nothing is returned or re-raised.
    """
    try:
        linkPath = comLib.getSupportFilePath("RrdServ")
        if os.path.exists(linkPath):
            return

        # NOTE(review): the command line is assembled by string formatting.
        # If comLib.cmd passes it to a shell, whitespace or metacharacters in
        # the hostname or either path would be interpreted -- confirm how
        # comLib.cmd executes its argument, or consider os.symlink instead.
        # NOTE(review): os.path.exists() is False for a dangling symlink, so
        # an existing but broken link reaches ``ln -s`` and fails there.
        targetDir = "{}/{}/".format(
            comLib.getSupportFilePath("RrdLib"), sysLib.getHostname())
        comLib.cmd("ln -s {} {}".format(targetDir, linkPath))
    except Exception as err:
        print("Error Creating rrd symlink: {}".format(err))
コード例 #3
ファイル: keys.py プロジェクト: timyardley/ARMORE
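def deleteFile(keyType, filename):
    """Delete one key file from the ``<KeyType>Keys`` support directory.

    Args:
        keyType: "remote" or "local"; capitalised to build the support-file
            key ("RemoteKeys" / "LocalKeys").
        filename: bare name of the key file inside that directory.

    Returns:
        The warning text from verifyDeleteOk (empty when there is nothing to
        warn about), or an "ERROR: ..." string when *filename* is rejected.
        Nothing is deleted in the rejected case.

    Raises:
        OSError: from os.remove, e.g. when the file does not exist.
    """
    # filename is joined onto the key directory below.  Anything other than
    # a bare file name ("../x", "sub/x", an absolute path) could address a
    # file outside that directory, so refuse it before touching the disk.
    if (not isinstance(filename, str) or not filename
            or filename in (".", "..") or "\x00" in filename
            or os.path.basename(filename) != filename):
        return "ERROR: Invalid key file name"

    # The warning is computed before removal so it reflects the key count
    # that existed when the request was made.
    ret = verifyDeleteOk(keyType, filename)
    os.remove("{}/{}".format(
        comLib.getSupportFilePath("{}Keys".format(keyType.capitalize())),
        filename))

    return ret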
コード例 #4
ファイル: keys.py プロジェクト: timyardley/ARMORE
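def saveFile(keyType, theFile):
    """Store an uploaded key file in the ``<KeyType>Keys`` support directory.

    Args:
        keyType: "remote" or "local"; capitalised to build the support-file
            key ("RemoteKeys" / "LocalKeys").
        theFile: object exposing ``filename`` and ``save(path)``.
            NOTE(review): presumably a web upload whose ``filename`` is
            chosen by the client -- confirm against the caller.

    Returns:
        An empty string when the file was saved, otherwise the error
        messages joined with "<br/>".  Nothing is written when any error is
        reported.
    """
    name = theFile.filename

    # The name is joined onto the key directory below.  Anything other than
    # a bare file name ("../x", "sub/x", an absolute path) could place the
    # upload outside that directory, so refuse it before any file access.
    if (not isinstance(name, str) or not name
            or name in (".", "..") or "\x00" in name
            or os.path.basename(name) != name):
        return "ERROR: Invalid key file name"

    msg = verifySaveOk(keyType, name)
    if not msg:
        theFile.save("{}/{}".format(
            comLib.getSupportFilePath("{}Keys".format(keyType.capitalize())),
            name))

    return "<br/>".join(msg)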
コード例 #5
ファイル: keys.py プロジェクト: timyardley/ARMORE
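def getKeyContent(filename, keyType):
    """Return the text of one key file, or '' when it cannot be read.

    Args:
        filename: bare name of the key file.
        keyType: "local" (any letter case) selects the LocalKeys directory;
            every other value selects RemoteKeys.

    Returns:
        The file content as a string.  An empty string is returned when the
        name is rejected, the file does not exist, or reading/decoding fails.
    """
    # filename is joined onto the key directory below.  Anything other than
    # a bare file name could read a file outside that directory, so treat it
    # the same as "not found".
    if (not isinstance(filename, str) or not filename
            or filename in (".", "..") or "\x00" in filename
            or os.path.basename(filename) != filename):
        return ''

    dirKey = "LocalKeys" if keyType.lower() == "local" else "RemoteKeys"
    filePath = "{}/{}".format(comLib.getSupportFilePath(dirKey), filename)

    if not os.path.exists(filePath):
        return ''

    try:
        # The context manager closes the handle on every path; open() sits
        # inside the try so a permission error or a directory at filePath
        # also yields ''.
        with open(filePath, 'r') as f:
            return f.read()
    except (IOError, UnicodeDecodeError):
        return ''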
コード例 #6
ファイル: keys.py プロジェクト: timyardley/ARMORE
def verifyDeleteOk(keyType, filename):
    """Return a warning when exactly one key of *keyType* is left.

    *filename* is accepted but not inspected: the warning depends only on
    how many names getKeyFileNames reports for the ``<KeyType>Keys``
    directory.  An empty string means there is nothing to warn about.
    """
    keyDir = comLib.getSupportFilePath("{}Keys".format(keyType.capitalize()))

    if len(getKeyFileNames(keyDir)) != 1:
        return ""

    warning = "Warning: Deleting the last {0} key prevents encrypted communication from working correctly.  Please upload a {0} public key to enable encrypted communiation"
    return warning.format(keyType)
コード例 #7
ファイル: initialization.py プロジェクト: timyardley/ARMORE
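def updateTypesDb():
    """Make sure the collectd types file defines ``func_latency``.

    Reads the file at the "CollectdTypes" support path and appends the
    ``func_latency`` definition when no line mentions it.  Compared with
    checking only the last line, this copes with an empty file (which
    used to raise IndexError) and does not add a second definition when the
    entry is followed by other lines.
    """
    tPath = comLib.getSupportFilePath("CollectdTypes")
    entry = "func_latency\t\tlatency:GAUGE:0:U"

    with open(tPath, 'r') as typesFile:
        content = typesFile.read()

    if any("func_latency" in line for line in content.splitlines()):
        return

    with open(tPath, 'a') as typesFile:
        # Start on a fresh line so the entry is never glued onto a final
        # line that lacks its newline.
        if content and not content.endswith("\n"):
            typesFile.write("\n")
        typesFile.write(entry + "\n")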
コード例 #8
def writeConfig(config, theType):
    """Render *config* into the config file that matches the request.

    When *theType* is "armore" the ARMORE template and ARMORE_CFG_FILE are
    used.  Otherwise ``config.get("operationMode")`` selects the Proxy,
    Passive or Transparent template and file.  An unrecognised mode is
    reported on stdout and nothing is written.
    """
    if theType == "armore":
        templateKey = "ArmoreConfigTemplate"
        destination = ARMORE_CFG_FILE
    else:
        mode = config.get("operationMode")
        if mode == "Proxy":
            templateKey = "ProxyConfigTemplate"
            destination = PROXY_CFG_FILE
        elif mode == "Passive":
            templateKey = "PassiveConfigTemplate"
            destination = PASSIVE_CFG_FILE
        elif mode == "Transparent":
            templateKey = "TransparentConfigTemplate"
            destination = TRANSPARENT_CFG_FILE
        else:
            print("# Unable to write config for '{}' mode".format(mode))
            return

    templatePath = comLib.getSupportFilePath(templateKey)
    # An empty or missing template path means there is nothing to render.
    if templatePath:
        writeTemplate(config, templatePath, destination)
コード例 #9
ファイル: keys.py プロジェクト: timyardley/ARMORE
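def verifySaveOk(keyType, filename):
    """Check whether a key named *filename* may be added to *keyType* keys.

    Args:
        keyType: "remote" or "local"; capitalised to build the support-file
            key ("RemoteKeys" / "LocalKeys").
        filename: name the new key would be stored under.

    Returns:
        A list of "ERROR: ..." strings; an empty list means the save may go
        ahead.
    """
    thePath = comLib.getSupportFilePath("{}Keys".format(keyType.capitalize()))
    theFiles = getKeyFileNames(thePath)

    ret = []
    # Debug trace kept from the original; it writes the key directory
    # listing to stdout on every call.
    print(keyType, theFiles, filename)

    # The directory above is chosen with keyType.capitalize(), so "Local" or
    # "LOCAL" also resolve to LocalKeys.  Compare case-insensitively so the
    # one-local-key rule cannot be skipped by changing letter case, and use
    # ">= 1" so the rule still holds if more than one local key is present.
    if keyType.lower() == "local" and len(theFiles) >= 1:
        ret.append(
            "ERROR: Local key already exists.  Please delete existing local key before adding a new one"
        )

    if filename in theFiles:
        # NOTE(review): this message embeds filename verbatim; if the caller
        # renders the result as HTML, the name should be escaped there.
        ret.append("ERROR: Key '{}' already exists in {} keys".format(
            filename, keyType))

    return ret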
コード例 #10
ファイル: initialization.py プロジェクト: timyardley/ARMORE
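def enablePythonRrd():
    """Install the ARMORE python-plugin section in collectd's config.

    The section is delimited by lines starting with ``# ARMORE``.  If such
    markers are present, everything from the first to the last marker is
    replaced; otherwise the section is appended.  The file is rewritten and
    collectd is restarted through comLib.cmd.

    Fixes over the earlier version: the config file handle is closed after
    reading, the unused blank-line bookkeeping is gone, and a lone marker
    (start without end) is replaced in place instead of leaving a stray
    third marker behind.
    """
    cPath = comLib.getSupportFilePath("CollectdConf")

    with open(cPath, 'r') as cFile:
        cLines = [x.rstrip() for x in cFile]

    # Indexes of every marker line; first and last bound the old section.
    markers = [
        i for i, line in enumerate(cLines) if line.startswith('# ARMORE')
    ]

    # NOTE(review): collectd will import rrdDataParser from the ModulePath
    # below.  That directory should not be writable by a less-privileged
    # account than the one collectd runs as -- confirm its ownership and mode.
    newTxt = '''# ARMORE
<LoadPlugin python>
    Globals true
    Interval 900
</LoadPlugin>

<Plugin python>
    ModulePath "/var/webServer/domains/support"
    LogTraces true
    Interactive false
    import rrdDataParser
    <Module rrdDataParser>
    </Module>
</Plugin>
# ARMORE'''.split('\n')

    if not markers:
        cLines.extend(newTxt)
    else:
        # With a single marker first == last, so only that line is replaced.
        cLines[markers[0]:markers[-1] + 1] = newTxt

    with open(cPath, 'w') as cFile:
        cFile.write("\n".join(cLines))

    comLib.cmd("/etc/init.d/collectd restart")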
コード例 #11
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE SOFTWARE.
#
# # # # #

import domains.support.lib.common as comLib
import domains.support.lib.ipfw as ipfw
from domains.support.models import *
import re
import os
import os.path
import datetime as dt
from string import Template
from uuid import uuid4

# One tab-separated policy line with $-style placeholders and a trailing
# newline.  NOTE(review): presumably filled in through string.Template,
# which this file imports -- confirm at the call site.
LINETEMPLATE = "$ruleNum\t$name\tsrc=$src,dest=$dest\t$proto\t$func\t$time\t$severity\t$filtering\n"
# Both paths are resolved once, when the module is imported.
POLICYCONFIGFILE = comLib.getSupportFilePath("PolicyConfig")
POLICYLOGFILE = comLib.getSupportFilePath("PolicyLog")


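def verifyPolicyFileExists():
    """Create the policy config file with its header line if needed.

    The header is written when POLICYCONFIGFILE is missing (or is not a
    regular file) or is empty.  A file that already has content is left
    untouched.  The emptiness check uses the file size, so no handle is
    opened and left unclosed just to count lines.
    """
    if (os.path.isfile(POLICYCONFIGFILE)
            and os.path.getsize(POLICYCONFIGFILE) > 0):
        return

    with open(POLICYCONFIGFILE, 'w') as f:
        f.write(
            "#fields\truleNum\tname\tip\tproto\tfunc\ttimePer\tseverity\tfiltering\n"
        )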
コード例 #12
def createArmoreModeConfigFiles(
        supportFilePath="/var/webServer/supportFiles.txt"):

    configs = [
        "ArmoreConfig", "ProxyConfig", "TransparentConfig", "PassiveConfig"
    ]

    print("# Creating Config Files")
    backendConfig = getArmoreConfigBackend()
    intIpsDict = netLib.getInterfaceIps()
    for c in configs:

        cPath = comLib.getSupportFilePath(c, supportFilePath)
        ctPath = comLib.getSupportFilePath("{}Template".format(c),
                                           supportFilePath)

        if not os.path.exists(cPath):

            theDict = {}
            currConfig = getArmoreConfig()

            if c == "ArmoreConfig":
                theDict["managementIp"] = backendConfig.get("ManagementIp")
                theDict["managementMask"] = backendConfig.get("ManagementMask")
                theDict["managementInterface"] = backendConfig.get(
                    "ManagementInt")

                intsUsed = [backendConfig.get("ManagementInt")]
                intToUse = ""
                for i in intIpsDict:
                    if i not in intsUsed:
                        intToUse = i
                        intsUsed.append(i)
                        break

                theDict["internalIp"] = intIpsDict[intToUse]
                theDict["internalMask"] = netLib.getNetmaskFromInt(intToUse)
                theDict["internalInterface"] = intToUse

                for i in intIpsDict:
                    if i not in intsUsed:
                        intToUse = i
                        intsUsed.append(i)
                        break

                theDict["externalIp"] = intIpsDict[intToUse]
                theDict["externalMask"] = netLib.getNetmaskFromInt(intToUse)
                theDict["externalInterface"] = intToUse

                theDict["operation"] = getOperationMode()

            elif c == "ProxyConfig":
                if backendConfig.get("Operation") == "Proxy":
                    theDict["roleType"] = backendConfig.get("Roletype")
                    theDict["port"] = backendConfig.get("Port")
                    theDict["bind"] = backendConfig.get("Bind")
                    theDict["capture"] = backendConfig.get("Capture")
                    theDict["encryption"] = backendConfig.get("Encryption")
                    theDict["firewall"] = backendConfig.get("Firewall")
                    theDict["interface"] = backendConfig.get("Interface")
                else:
                    theDict["roleType"] = "Server"
                    theDict["port"] = "5555"
                    theDict["bind"] = "127.0.0.2"
                    theDict["capture"] = "NetMap"
                    theDict["encryption"] = "Enabled"
                    theDict["firewall"] = "Disabled"
                    theDict["interface"] = "eth1"

            elif c == "TransparentConfig":
                theDict["netmask"] = "255.255.255.0"
                theDict["broadcastIp"] = "127.0.0.2"
                theDict["bridgeIp"] = "127.0.0.3"
                theDict["interface1"] = "eth1"
                theDict["interface2"] = "eth2"
                theDict["gateway"] = "127.0.0.1"
                theDict["route"] = "127.0.0.1/8"

            elif c == "PassiveConfig":
                theDict["monitored_interface"] = "eth1"

            writeTemplate(theDict, ctPath, cPath)
            '''
コード例 #13
# FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE CONTRIBUTORS
# OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS WITH THE SOFTWARE.
#
# # # # #

import domains.support.lib.common as comLib
import domains.support.network as netLib
import re
import os.path
import threading
from string import Template

# These get called a lot, get them once when read in to prevent lots of file reads
ARMORE_CFG_FILE = comLib.getSupportFilePath("ArmoreConfig")
PROXY_CFG_FILE_BACKEND = comLib.getSupportFilePath("ProxyConfigBackend")
PROXY_CFG_FILE = comLib.getSupportFilePath("ProxyConfig")
TRANSPARENT_CFG_FILE = comLib.getSupportFilePath("TransparentConfig")
PASSIVE_CFG_FILE = comLib.getSupportFilePath("PassiveConfig")

PROXY_NETWORK_FILE = comLib.getSupportFilePath("ProxyNetworkTemplate")
PASSIVE_NETWORK_FILE = comLib.getSupportFilePath("PassiveNetworkTemplate")
TRANSPARENT_NETWORK_FILE = comLib.getSupportFilePath(
    "TransparentNetworkTemplate")

PROXY_CFG_BACKEND_TEMPLATE = comLib.getSupportFilePath(
    "ProxyConfigBackendTemplate")
PASSIVE_CFG_BACKEND_TEMPLATE = comLib.getSupportFilePath(
    "PassiveConfigBackendTemplate")
TRANSPARENT_CFG_BACKEND_TEMPLATE = comLib.getSupportFilePath(
コード例 #14
ファイル: initialization.py プロジェクト: timyardley/ARMORE
def createArmoreDb():
    """Run the "ArmoreDBInit" support script with ``sh``.

    Any exception is caught and reported on stdout; nothing is returned or
    re-raised, so callers cannot tell from this function whether the
    database was created.
    """
    try:
        initScript = comLib.getSupportFilePath("ArmoreDBInit")
        # NOTE(review): the script path is formatted into the command line
        # unquoted; confirm how comLib.cmd executes it if the path can hold
        # whitespace.
        comLib.cmd("sh {}".format(initScript))
    except Exception as err:
        print("Error Creating armore.db: {}".format(err))